On Thu, Apr 10, 2008 at 10:15:07PM -0700, Kyle Hamilton wrote:
> Once this is done, the channel is 'secure' and user data can start
> flowing, without having to worry about anyone else being able to get
> anything intelligible from the conversation.
The channel is only secure against passive eavesdroppers, unless at least one side verifies the keys of the other. The side that does not verify the other's keys cannot be sure that the channel is secure, although it might in fact be secure, because either party can detect a MITM attack if it can verify the peer certificate. The threat model (passive vs. active attacks, ...) determines the right level of certificate verification. Mutual authentication (both sides know which public keys/certs to accept, and check that they get the right ones) offers the best security, provided there is good management of the trusted public keys...

-- 
Viktor.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
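The distinction Viktor draws (secure against a passive listener only, versus able to detect an active man-in-the-middle once at least one side checks the peer's key) can be seen in a small model. The following is an added illustration, not code from the thread or from OpenSSL: a toy Diffie-Hellman exchange over a constructed 127-bit group, where "verifying the peer certificate" is modelled as a party refusing any long-term public value other than the one it has been told to trust. The names Party, exchange, demo and PeerVerificationFailed are this example's own.

```python
"""Toy model of unauthenticated vs. authenticated key exchange.

Constructed example: a small Diffie-Hellman group stands in for the TLS
key exchange, and a pinned long-term public value stands in for peer
certificate verification.  Not OpenSSL and not real TLS.
"""
import hashlib
import secrets

# Constructed toy group: P = 2^127 - 1 is prime.  Real deployments use
# standardized 2048-bit+ groups or elliptic curves; this is for illustration.
P = 2**127 - 1
G = 5


class PeerVerificationFailed(Exception):
    """Raised by a party that checks the peer's key and finds a mismatch."""


class Party:
    """One endpoint holding a long-term key pair (stands in for a cert)."""

    def __init__(self, name):
        self.name = name
        self.priv = secrets.randbelow(P - 2) + 1
        self.pub = pow(G, self.priv, P)

    def derive_key(self, peer_pub, trusted_peer_pub=None):
        """Derive the channel key from the value received from the peer.

        If this party knows which peer key to accept (trusted_peer_pub), any
        other value is rejected: this is the 'verify the peer certificate'
        step.  Without it the party accepts whatever arrives on the wire.
        """
        if trusted_peer_pub is not None and peer_pub != trusted_peer_pub:
            raise PeerVerificationFailed(f"{self.name}: unexpected peer key")
        secret = pow(peer_pub, self.priv, P)
        return hashlib.sha256(secret.to_bytes(16, "big")).hexdigest()


def exchange(alice, bob, alice_trusts=None, bob_trusts=None, attacker=None):
    """Run the exchange, optionally through an active relay that replaces
    each side's public value with its own.

    Returns (alice_key, bob_key, attacker_keys); attacker_keys is the pair of
    keys the relay shares with Alice and Bob, or None when nobody is active.
    """
    if attacker is None:
        # Only a passive observer: it sees alice.pub and bob.pub, never the key.
        return (alice.derive_key(bob.pub, alice_trusts),
                bob.derive_key(alice.pub, bob_trusts), None)
    # Active relay: each honest side receives the relay's value instead.
    a_key = alice.derive_key(attacker.pub, alice_trusts)
    b_key = bob.derive_key(attacker.pub, bob_trusts)
    return a_key, b_key, (attacker.derive_key(alice.pub),
                          attacker.derive_key(bob.pub))


def demo():
    """Walk through the four situations the thread discusses."""
    alice, bob, mallory = Party("alice"), Party("bob"), Party("mallory")
    results = {}

    # 1. Passive observer only, no verification: both sides agree on a key.
    ak, bk, _ = exchange(alice, bob)
    results["passive_only_agrees"] = ak == bk

    # 2. Active relay, nobody verifies: each side ends up with a key that the
    #    relay also holds, and nothing on either side signals a problem.
    ak, bk, mk = exchange(alice, bob, attacker=mallory)
    results["unverified_relay_undetected"] = (ak, bk) == mk and ak != bk

    # 3. Active relay, Alice checks Bob's key: Alice detects the substitution.
    try:
        exchange(alice, bob, alice_trusts=bob.pub, attacker=mallory)
        results["one_side_verifies_detects"] = False
    except PeerVerificationFailed:
        results["one_side_verifies_detects"] = True

    # 4. Mutual authentication on an honest channel still succeeds.
    ak, bk, _ = exchange(alice, bob, alice_trusts=bob.pub, bob_trusts=alice.pub)
    results["mutual_auth_agrees"] = ak == bk
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```

Case 2 is the situation Viktor describes as "cannot be sure that the channel is secure": the exchange completes and the key looks fine from both ends. In OpenSSL terms the pinned check in derive_key corresponds to enabling peer verification (SSL_VERIFY_PEER) and then confirming the presented certificate is the one you expected for that peer; the trust store and its maintenance are the "good management of the trusted public keys" the reply ends on.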